PT-2026-40578

Bytello Share Windows Edition installer executable provided by Bytello insecurely loads Dynamic Link Libraries. If there is a crafted DLL at the same directory when invoking the affected installer, arbitrary code may be executed with the privilege of the user invoking the installer...

CVE-2026-34488

IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2026-34488

Technical details beyond the high-level description are not publicly available in the provided documents. Monitor for updates from the listed references for affected products, vulnerable components, and remediation guidance.

EUVD-2026-25138

The installers of LiveOn Meet Client for Windows Downloader5Installer.exe and Downloader5InstallerForAdmin.exe and the installers of Canon Network Camera Plugin CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe insecurely load Dynamic Link Libraries DLLs. If a malicious DLL is placed at the...

CVE-2026-32679

CVE-2026-32679 affects LiveOn Meet Client for Windows and Canon Network Camera Plugin installers (Downloader5Installer.exe, Downloader5InstallerForAdmin.exe, CanonNWCamPlugin.exe, CanonNWCamPluginForAdmin.exe). The installers insecurely load DLLs from the same directory; if a malicious DLL is pre...

Installers of LiveOn Meet Client for Windows and its plugin may insecurely load Dynamic Link Libraries

Overview LiveOn Meet provided by Japan Media Systems Corporation is a web conferencing system. The installer of LiveOn Meet Client for Windows and the installer of Canon Network Camera Plugin insecurely load Dynamic Link Libraries. Uncontrolled search path element CWE-427 - CVE-2026-32679 This...

PT-2026-31881

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

CVE-2025-59710

Vulnerability in BizTalk360 prior to 11.5: due to incorrect access control, any user can trigger loading of a DLL file. During loading, a method is called, enabling an attacker to craft and upload a malicious DLL to the server to achieve remote code execution. The issue is described across CVE re...

RATOC RAID Monitoring Manager for Windows 代码问题漏洞

RATOC RAID Monitoring Manager for Windows is a software developed by RATOC RAID in Japan, designed for monitoring and managing the RAID hard drive boxes it supports. RATOC RAID Monitoring Manager for Windows has a code vulnerability that stems from the installer loading DLLs from the current...

CVE-2026-26306

The CVE-2026-26306 entry concerns the installer for OM Workspace (Windows Edition) versions 2.4 and earlier, which insecurely loads Dynamic Link Libraries (DLLs) during installation. The root cause is improper DLL loading, enabling an attacker to execute arbitrary code with the privileges of the ...

CVE-2026-24317

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directories. The malicious command is executed in the victim user's...

SAP GUI for Windows 代码问题漏洞

SAP GUI for Windows is an interface graphical software for Windows developed by the German company SAP. SAP GUI for Windows has a code vulnerability that stems from allowing DLL files to be loaded from any directory within the application. This vulnerability may allow malicious commands to be...

CVE-2026-26050

The installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール versions prior to Ver.1.3.7 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with administrative privileges...

CVE-2026-26050

CVE-2026-26050 affects the installer for ジョブログ集計/分析ソフトウェア RICOHジョブログ集計ツール prior to version 1.3.7 . The issue is in the DLL search path which may cause insecure loading of Dynamic Link Libraries, enabling arbitrary code execution with administrative privileges . CVSS metrics from JPCERT quantify t...

CVE-2026-25655

A vulnerability has been identified in SINEC NMS All versions V4.0 SP2. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially leading to arbitrary code execution with administrative...

CVE-2026-24694

The installer for Roland Cloud Manager ver.3.1.19 and prior insecurely loads Dynamic Link Libraries DLLs, which could allow an attacker to execute arbitrary code with the privileges of the application...

NVIDIA Linux GPU Display Driver (January 2026)

A display driver installed on the remote Linux host is affected by multiple vulnerabilities, including the following: - NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead to arbitrary denial of service, escalation of privileges, code execution, and da...

CVE-2026-21408

beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges...

CVE-2026-21408

The CVE-2026-21408 issue affects beat-access for Windows 3.0.3 and earlier, due to an insecure DLL search path (Uncontrolled search path element, CWE-427) that may cause loading of DLLs leading to arbitrary code execution with SYSTEM privileges. Documented impact is arbitrary code execution with ...

CVE-2025-33231

NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of...